After the multiple failures of Apple’s Face ID, people looked at Microsoft’s ‘Hello’ facial recognition. Although the usability of the two technologies is different, the level of security and uniqueness of the idea is same. What’s even more dangerous in Microsoft’s case, is that the system has been deceived by using a mere photo.

The German Firm’s Research

A German firm by the name of SYSS conducted the experiment against older versions of Windows. The important point to be noted here is that these tests were done prior to its Windows 10 Anniversary Update. The testers set up the lock system with a fresh scan. Then the system was deceived using an infrared photograph of the registered user.

The Anti-Spoofing Feature

Email Spoofing Microsofts Windows Hello spoofed with a mere photograph   Watch this before you start trusting the Windows Hello feature

Microsoft has already deployed an anti-spoofing feature in Windows Hello but it didn’t quite help in the case. The major concern here is that after the earlier Creators Update and the Fall Creators Update, even the anti-spoofing feature is disabled. Microsoft claims to have made things better after these updates so all those who are using Windows 10’s Windows Hello functionality, should redo the facial recognition software process once again.

The Risks Might Be Low

This very spoofing case, that we have discussed right here, is not a simple one as the attacker is in possession of a well-positioned infrared image of the registered user. It’s a very rare scenario and normally, such things don’t really happen. Moreover, in the recent updates, Microsoft claims to have made things better in favor of the users. So let’s hope that the spoofing risks in Windows Hello feature are lower than we are thinking.

Older versions of Windows start getting the security patches for WannaCry Ransomware as NSA reports the issue to Microsoft